This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description Sev1Tech is seeking a DevSecOps Engineer (Mid) to join our team. The selected candidate will support the design and engineering of a DevOps Platform to enable a shared system of systems to support software development, systems engineering, integration, and test of software applications and infrastructure in a heterogeneous environment. This effort will support the United States Navy and will be heavily focused on automation and DevSecOps. - Develops GitLab CI/CD Pipelines - Automates configurations within Kubernetes - Supports cloud networking and routing for DNS, TLS, and Ingress/Egress - Maintains and Hardens Base Images - Within Cloud Environments, support the development and documentation of risk assessment results and recommendations using identified threats, applicable vulnerabilities, and likelihood of occurrence within context of risk tolerances, providing recommendations for corrective actions and mitigation strategies. - Provide automated and manual validations of Information Assurance Controls (IACs) and Validation Procedures (VPs) in accordance with the DoD Guidelines, CNSSI 1253 and/or NIST 800 Publications. - Perform validation, troubleshooting, and documentation for DevSecOps engineering efforts. - Document processes and services for use by cloud application development teams. - Participates in Agile process to develop tasking, describe technical solutions, and test deployed systems. - Research problems discovered by quality reviews and develops solutions. - Leverages scripting and other automation tasks to manage infrastructure. - Provides inputs to technical assessments related to the cost, efficiency, and security posture of a system. - Develops system infrastructure testing procedures, programming, and documentation. - Identifies creative solutions to improve system and product offerings. - Collaborates with technical writers to create customer-relevant documentation. - Coordinates with project work teams to ensure adherence to policies, achievement of quality targets and delivery on schedule milestones. Qualifications - Six (6) years of experience to include three (3) of the following areas: Systems or Software: Requirements, Design, Development, Verification and Validation/Test & Evaluation, Integration, Build & Deployment; Systems Administration, Information Assurance, Business Analysis, Integrated Development Environment tools and Online & End-User Documentation for C4ISR systems or other federal agency IT Systems. - US Citizenship Required. - Must have DoD8570 compliant certifications (Sec+ and OS) to meet requirements for privileged access to MIP. - Valid CompTIA Security+ or equivalent certification (Minimum: DoD 8570.1-M IAT Level II), or ability to obtain within a reasonable timeframe. - High School diploma or GED. Technical Training in Information Technology (IT) or Software Application Development. - Minimum of 2+ years’ related IT experience should include DevOps/DevSecOps Engineering, CI/CD, Build & Release, SRE, Operations Engineering, Systems Integration Engineering, and/or Cloud Administration. - Prior experience evaluating/assessing systems in Government Cloud environments using DevSecOps principles with Continuous Security. - Must have a strong understanding of Infrastructure as Code and preferably hands-on experience with Terraform, AWS Cloud-Formation, or similar. - Must have experience with Docker and Rancher or Kubernetes, OpenShift, Fargate, or similar container orchestration tool(s). - Must have experience in infrastructure automation and DevOps integration. - Must have experience in developing and managing Continuous Integration and Continuous Delivery environments. Requirements - Minimum of an Active Interim Secret Clearance (DoD) / Favorable T3 Equivalent Background Investigation. Desired Qualifications - Hands-on experience with the following: Jenkins, GitLab, HashiCorp Vault, Argo CD, Red Hat Enterprise Linux, Amazon EKS. - A strong understanding and background with DISA STIGS. Company Description Founded in 2010 and recently acquired by ERT in early 2026, Sev1Tech, an ERT Company provides IT, engineering, and program management solutions delivery to critical missions across Federal and Commercial Clients. With its acquisition by ERT, Sev1Tech expanded its ability to offer secure, mission-aligned digital solutions to support modernization, resilience, and operational effectiveness for government customers operating in highly regulated mission environments. ERT and Sev1Tech together become a fully diversified engineering and federal technology solutions firm with broad reach into space, civilian, and defense markets. Please apply directly at: https://careers-sev1tech.icims.com . For questions or to submit a referral, please contact: recruiting@sev1tech.com . Sev1Tech is an Equal Opportunity and Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.

• Design and lead enterprise Azure solutions across compute, networking, identity, storage, logging, and monitoring. • Architect secure Azure landing zones and hybrid cloud environments aligned with Microsoft best practices and organizational standards. • Lead cloud migration and modernization initiatives from on-premises or legacy platforms to Azure. • Design and implement Infrastructure as Code (IaC) using ARM, Bicep, and/or Terraform. • Design and support CI/CD pipelines to enable automated, repeatable, and compliant infrastructure deployments. • Embed security-by-design and Zero Trust principles into all Azure architectures. • Design and implement Azure-native security controls, including Azure Policy, Microsoft Defender for Cloud, Microsoft Sentinel, identity protection, and conditional access. • Perform cloud security posture reviews and environment readiness assessments. • Partner with infrastructure and operations teams to ensure secure operational handoff and long-term platform stability. • Serve as a senior advisor for cloud security and compliance initiatives aligned to ISO 27001, SOC 1/2, GDPR, TISAX, and similar regulatory frameworks. • Lead the interpretation, design, implementation, and operationalization of security and compliance controls within Azure environments. • Conduct compliance and risk gap assessments and translate regulatory requirements into Azure-native technical and operational controls. • Support audit readiness activities, including evidence preparation, control validation, and remediation planning. • Communicate compliance posture, risks, and remediation strategies to technical, operational, and executive stakeholders. • Serve as the Agile Product Owner for Azure infrastructure and security services. • Own and prioritize the product backlog, including infrastructure, security, and compliance epics and user stories. • Prioritize work based on business value, risk exposure, and regulatory requirements. • Develop and maintain Azure platform and security roadmaps. • Participate in Agile ceremonies including backlog refinement, sprint planning, and sprint reviews. • Ensure delivery teams execute consistently against defined architectural, security, and compliance standards. • Act as a trusted advisor to engineering teams, business leaders, and executive stakeholders. • Lead architecture reviews, security briefings, and compliance discussions. • Present complex technical and regulatory topics in clear, business-focused language. • Mentor engineers and architects on Azure architecture, security, and best practices. • Drive continuous improvement across cloud delivery, security posture, and operational processes.

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description As a Senior Security Engineer I at Aledade, you will play a central role in enhancing the security posture of our enterprise, cloud-native environments, and applications. We are seeking a dedicated professional with in-depth knowledge of security principles, standards, and best practices to help safeguard our systems and support our security compliance initiatives. In this role, you will work to design, implement, and maintain robust security solutions across diverse platforms and technologies. You will collaborate closely with various teams to ensure alignment between security solutions and organizational requirements, enabling secure operations across the enterprise. Your ability to partner cross-functionally will be key to driving impactful security outcomes and strengthening our digital landscape. Your expertise will be crucial as we continue to mature our security capabilities and maintain our commitment to protecting critical systems and data. Primary Duties - Working cross-functionally to design, build, and operate solutions that improve and mature our security capabilities. - Leveraging data to understand trends, metrics, and opportunities to improve our security posture, researching options, and then making recommendations as options to secure those opportunities with stakeholders. - Leading and enhancing incident/issues response efforts, spearheading analysis, containment, and mitigation strategies in a cross-functional environment to ensure effective resolution and remediation of security incidents/issues. - Helping craft and refine security documentation pertinent to our Security Program, such as policies, standards, baselines, and standard operating procedures. Qualifications - BS / BTech (or higher) in Computer Science, Information Technology, Cybersecurity or a related field, 6 years security domain experience without degree. - 4+ years combined experience as a security engineer in an enterprise environment (preferably cloud) across multiple disciplines. - 3+ years of relevant work experience in security posture management. - 2+ years of experience acting as a trusted technical decision-maker in a team setting, solving for short-term and long-term business value. Requirements - Identity & Access Management experience with Identity & Access Management (IaM) systems and practices. - In-depth knowledge of authentication protocols, authorization mechanisms, and directory services. - Strong proficiency implementing IaM solutions within very complex environments. - Familiarity with regulatory compliance and security standards. - Experience generating automated metrics to measure service and program effectiveness and consistency. - Strong communication skills, both written and verbal, with the capability to articulate complex security issues to a diverse audience. - Experience with tools strongly preferred: Federated Identity - Okta/Entra ID/Ping Identity, IGA - Sailpoint/Saviynt/Omada, Cloud Platforms - AWS/Azure/GCP, Automation: Python, Terraform, Powershell. Physical Requirements - Sitting for prolonged periods of time. - Extensive use of computers and keyboard. - Occasional walking and lifting may be required. Benefits - Flexible work schedules and the ability to work remotely are available for many roles. - Health, dental and vision insurance paid up to 80% for employees, dependents and domestic partners. - Robust time-off plan (21 days of PTO in your first year). - Two paid volunteer days and 11 paid holidays. - 12 weeks paid parental leave for all new parents. - Six weeks paid sabbatical after six years of service. - Educational Assistant Program and Clinical Employee Reimbursement Program. - 401(k) with up to 4% match. - Stock options. - And much more!

• Plan, design, configure, deploy, support, and maintain system configurations and modifications for the CAPPS Program. • Provide oversight of IAM workflows, including account lifecycle management, provisioning, de‑provisioning, and access reviews. • Manage and enforce role-based access control (RBAC) and least‑privilege models within ERP (CAPPS) and connected systems. • Design and maintain segregation of duties (SoD) rules; identify, analyze, and remediate SoD conflicts across business processes and tenants. • Review and validate security roles, permission sets, and custom authorizations within CAPPS and all ancillary systems. • Monitor and analyze authentication, authorization, and privilege‑escalation logs for suspicious behavior; coordinate findings with the Information Security Office. • Oversee secure integration of third‑party applications using SAML, OAuth, OIDC, SCIM, and custom APIs. • Validate CAPPS application changes, customizations, configurations, and workflows for security and compliance impact; recommend and track remediation activities. • Respond to and investigate identity‑related security incidents, including account compromise, unauthorized access, and TDIS fraud indicators. • Maintain and continuously improve standards for security, performance, compliance, and architecture across CAPPS and related platforms. • Ensure that all digital products and content associated with CAPPS meet WCAG 2.1 accessibility standards, including perceivable, operable, understandable, and robust experiences for all users. • Assist with contract management oversight responsibilities associated with the CAPPS Program. • Assist and participate in annual IT control audits related to CAPPS Central applications, including preparation of evidence and remediation tracking. • Ensure contract data security, user permissions, audit trails, and compliance with organizational and regulatory standards. • Perform technical reviews of contract templates, metadata structures, workflows, and automation rules to ensure accuracy, usability, and compliance.